Last time I checked for my own shared hosting, SSL was limited to one domain and one IP, i.e., as long as I use shared hosting, I must decide which one of my domains is used for SSL. Is that still correct?

The prevalence of free, open WiFi has made it rather easy for a WiFi eavesdropper to steal your identity cookie for the websites you visit while you're connected to that WiFi access point. This is something I talked about in Breaking the Web's Cookie Jar. It's difficult to fix without making ma...